Face authentication system, face authentication method, biometrics authentication system, biometrics authentication method, and storage medium

ABSTRACT

According to at least one example embodiment of the present invention, provided is a face authentication system including: a criterion setting unit that sets a criterion of face authentication performed on a user so as to be different in accordance with a state of an access target system accessed by the user; and a face authentication unit that performs face authentication of the user based on the criterion.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a Continuation of International Application No.PCT/JP2018/021163, filed Jun. 1, 2018, which claims priority fromJapanese Patent Application No. 2017-110667, filed Jun. 5, 2017.

The entire contents of the above-referenced applications are expresslyincorporated herein by reference.

TECHNICAL FIELD

The present invention relates to a face authentication system, a faceauthentication method, a biometrics authentication system, a biometricsauthentication method, and a storage medium.

BACKGROUND ART

Patent Literature 1 discloses a face image recording system that canidentify whether or not the user is a person in question by capturing aface image of a user and comparing the face image with a recorded faceimage.

CITATION LIST Patent Literature

PTL 1: Japanese Patent Application Laid-Open No. 2004-265231

SUMMARY OF INVENTION Technical Problem

In a face authentication system as disclosed in Patent Literature 1,when multiple times of face authentication are repeated, it may be anobjective to set a suitable criterion in order to sufficiently reduce anerror such as erroneous acceptance of a wrong person, erroneousrejection of a correct person, or the like and ensure a sufficientauthentication accuracy.

At least one example embodiment of the present invention has been madein view of the above objective and intends to provide a faceauthentication system, a face authentication method, and a storagemedium that can set a criterion of face authentication in a moresuitable manner.

Further, at least another example embodiment of the present inventionintends to provide a biometrics authentication system, a biometricsauthentication method, and a storage medium that can set the biometricsauthentication accuracy in a more suitable manner.

Solution to Problem

According to one example aspect of the present invention, provided is aface authentication system including: a criterion setting unit that setsa criterion of face authentication performed on a user so as to bedifferent in accordance with a state of an access target system accessedby the user; and a face authentication unit that performs faceauthentication of the user based on the criterion.

According to another example aspect of the present invention, providedis a face authentication method including: setting a criterion of faceauthentication performed on a user so as to be different in accordancewith a state of an access target system accessed by the user; andperforming face authentication of the user based on the criterion.

According to yet another example aspect of the present invention,provided is a storage medium in which a program is stored, and theprogram causes a computer to execute: setting a criterion of faceauthentication performed on a user so as to be different in accordancewith a state of an access target system accessed by the user; andperforming face authentication of the user based on the criterion.

According to yet another example aspect of the present invention,provided is a biometrics authentication system including: an accuracysetting unit that sets an accuracy of biometrics authenticationperformed on a user so as to be different in accordance with a state ofan access target system accessed by the user; and a biometricsauthentication unit that performs biometrics authentication of the userbased on the accuracy.

According to yet another example aspect of the present invention,provided is a biometrics authentication method including: setting anaccuracy of biometrics authentication performed on a user so as to bedifferent in accordance with a state of an access target system accessedby the user; and performing biometrics authentication of the user basedon the accuracy.

According to yet another example aspect of the present invention,provided is a storage medium in which a program is stored, and theprogram causes a computer to execute: setting an accuracy of biometricsauthentication performed on a user so as to be different in accordancewith a state of an access target system accessed by the user; andperforming biometrics authentication of the user based on the accuracy.

Advantageous Effects of Invention

According to at least one example embodiment of the present invention, aface authentication system, a face authentication method, and a storagemedium that can set a criterion of face authentication in a moresuitable manner can be provided.

Further, according to at least another example embodiment of the presentinvention, a biometrics authentication system, a biometricsauthentication method, and a storage medium that can set the biometricsauthentication accuracy in a more suitable manner can be provided.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is a schematic diagram illustrating a general configuration of afirst example embodiment.

FIG. 2 is a block diagram illustrating a hardware configuration exampleof a user terminal according to the first example embodiment.

FIG. 3 is a function block diagram of the user terminal according to thefirst example embodiment.

FIG. 4 is sequence diagram illustrating a process of remote teachingaccording to the first example embodiment.

FIG. 5 is a flowchart illustrating a process during learning in the userterminal according to the first example embodiment.

FIG. 6 is a graph illustrating a criterion of face authenticationaccording to the first example embodiment.

FIG. 7 is a graph illustrating a criterion of face authenticationaccording to a second example embodiment.

FIG. 8 is a diagram illustrating a screen display example on a displayaccording to a third example embodiment.

FIG. 9 is a flowchart illustrating a process of face image transmissionaccording to a fourth example embodiment.

FIG. 10 a flowchart illustrating a process of adding a comparison targetaccording to a fifth example embodiment.

FIG. 11 is a schematic diagram illustrating a general configurationaccording to a sixth example embodiment.

FIG. 12 is a function block diagram of a face authentication systemaccording to a seventh example embodiment.

FIG. 13 a function block diagram of a biometrics authentication systemaccording to a modified example embodiment.

DESCRIPTION OF EMBODIMENTS

Exemplary example embodiments of the present invention will be describedbelow with reference to the drawings. Throughout the drawings, the samecomponents or corresponding components are labeled with the samereference, and the description thereof may be omitted or simplified.

First Example Embodiment

An example of a remote teaching system over a network will be describedas a first example embodiment of the present invention. FIG. 1 is aschematic diagram illustrating a general configuration of the remoteteaching system according to the first example embodiment. The remoteteaching system includes a learning management system 1, a faceauthentication management server 2, and user terminals 4. The learningmanagement system 1, the face authentication management server 2, andthe user terminals 4 are connected so as to be able to communicationwith each other via a network 3. Note that, while one learningmanagement system 1, one face authentication management server 2, and aplurality of (three) user terminals 4 are illustrated in FIG. 1, thenumber of them is not particularly limited. Note that the learningmanagement system 1 that is a target to be accessed by the user terminal4 may be simply referred to as an access target system.

The learning management system 1 is a system that provides a teachingservice to a user who utilizes the user terminal 4 remotely via thenetwork 3 and may be called an e-learning system. The learningmanagement system 1 transmits contents such as a lecture voice, alecture movie, an explanatory material, a confirmation test of theunderstanding level, or the like to the user terminal 4. Transmission ofsuch contents may be performed by using technologies such as streaming,progressive download, or the like in which downloading and playback ofdata are performed simultaneously. Further, the learning managementsystem 1 may further have a function such as accepting a question to alecturer from a user to perform interactive teaching.

The face authentication management server 2 provides face authenticationsoftware used for performing face authentication on a user who intendsto access or has accessed the learning management system 1. Althoughdescribed as being installed in the user terminal 4, the above softwaremay be installed in the face authentication management server 2, thelearning management system 1, or other servers. Further, the faceauthentication management server 2 has a function of providing a policyof face authentication to face authentication software installed in theuser terminal 4.

The network 3 is an Internet Protocol (IP) network, a Local Area Network(LAN), or the like. The communication path over the network 3 may bewired, may be wireless, or may be a combination thereof.

The user terminal 4 is a computer having a communication function bywhich the user receives contents from the learning management system 1.The user terminal 4 may be a desktop Personal Computer (PC), a laptopPC, a tablet PC, a mobile phone, or the like. Further, the user terminal4 has a camera used for capturing an image of a face of a user accessingthe learning management system 1. The user terminal 4 is supplied with asoftware that performs face authentication of a user from the faceauthentication management server 2, executes a face authenticationprogram, and thereby functions as a face authentication system.

Note that the learning management system 1 and the face authenticationmanagement server 2 may be configured as an integrated system. In thiscase, in the following description, transmission and reception ofinformation between the user terminal 4 and the learning managementsystem 1 may be replaced with transmission and reception of informationbetween the user terminal 4 and the face authentication managementserver 2, and transmission and reception of information between the userterminal 4 and the face authentication management server 2 may bereplaced with transmission and reception of information between the userterminal 4 and the learning management system 1. Further, the learningmanagement system 1 and the face authentication management server 2 maybe configured as a single learning management device having both of theabove functions. In this case, in the following description,transmission and reception of information between the user terminal 4and the learning management system 1 and transmission and reception ofinformation between the user terminal 4 and the face authenticationmanagement server 2 may be each replaced with transmission and receptionof information between the user terminal 4 and the learning managementdevice.

FIG. 2 is a block diagram illustrating a hardware configuration exampleof the user terminal 4 according to the first example embodiment. Toimplement functions as a computer that performs calculation and storage,the user terminal 4 has a central processing unit (CPU) 401, a randomaccess memory (RAM) 402, a read only memory (ROM) 403, and a hard diskdrive (HDD) 404. Further, the user terminal 4 has, as an interface(I/F), a communication I/F 405, an input device I/F 406, a display I/F407, and a peripheral device I/F 408. The user terminal 4 further has aninput device 41, a display 42, and a camera 43. The CPU 401, the RAM402, the ROM 403, the HDD 404, the communication I/F 405, the inputdevice I/F 406, the display I/F 407, and the peripheral device I/F 408are connected to each other via a bus 409.

While respective components forming the user terminal 4 are illustratedas an integrated device in FIG. 2, these components may be formed of acomputer and one or more external devices. For example, the input device41, the display 42, or the camera 43 may be an external device separatedfrom a computer including the CPU 401 or the like.

The CPU 401 has the function of performing a predetermined operationaccording to a program stored in the ROM 403, the HDD 404, or the likeand controlling respective components of the user terminal 4. The RAM402 provides a temporal memory region necessary for the operation of theCPU 401. The ROM 403 is formed of a non-volatile memory and storesnecessary information such as a program used for the operation of theuser terminal 4. The HDD 404 is a mass storage device that performs faceimage data of users, storage of contents received from the learningmanagement system 1, or the like.

The communication I/F 405 is a communication interface based on astandard such as Ethernet (registered trademark), Wi-Fi (registeredtrademark), or the like, which is a module used for communicating withother devices. The input device 41 is a keyboard, a mouse, atouchscreen, or the like by which the user operates the user terminal 4.The input device I/F 406 is an interface by which the CPU 401 controlsthe input device 41. The display 42 is a liquid crystal display, anorganic light emitting diode (OLED) display, or the like and used fordisplaying a moving image, a static image, a text, or the like. Thedisplay I/F 407 is an interface through which the CPU 401 controls thedisplay 42.

The camera 43 is a device that captures an image of a face of a user whois accessing the learning management system 1. The camera 43 is arrangedat a position where the user's face is included within a capturing rangewhen the user is looking at the display 42. For example, the camera 43may be arranged in the bezel of the display 42. It is desirable that thecamera 43 be able to perform capturing with digital data so as to besuitable for a process of face authentication. It is therefore desirablethat the camera 43 be a digital camera with a complementary metal oxidesemiconductor (CMOS) image sensor, a charge coupled device (CCD) imagesensor, or the like. The peripheral device I/F 408 is an interface usedfor performing control of the camera 43 by the CPU 401, transfer of animage acquired by the camera 43 to the HDD 404, or the like.

Note that the hardware configuration illustrated in FIG. 2 is anexample, and a device other than the above may be added, or some of thedevices may not be provided. Further, some of the devices may bereplaced with another device having a similar function. For example,some of the functions may be provided by another device via a network,or the functions forming the present example embodiment may bedistributed in a plurality of devices for implementation. Further, forexample, the HDD 404 may be replaced with a solid state drive (SSD)using a semiconductor element such as a flash memory.

FIG. 3 is a function block diagram of the user terminal 4 according tothe first example embodiment. FIG. 3 illustrates a function block whenthe CPU 401 of the user terminal 4 executes a program of faceauthentication software and thereby causes the user terminal 4 tofunction as a face authentication system 50. The face authenticationsystem 50 has the camera 43, a face image storage unit 501, a featureamount calculation unit 502, a feature amount storage unit 503, a faceimage input/output unit 504, a comparison target amount storage unit505, an authentication condition acquisition unit 506, a stateacquisition unit 507, a criterion setting unit 508, an authenticationresult output unit 509, and a face authentication unit 510.

The CPU 401 implements functions of the feature amount calculation unit502, the criterion setting unit 508, and the face authentication unit510 by loading and executing a program stored in the ROM 403 or the HDD404 to the RAM 402. The HDD 404 controlled by the CPU 401 implementsfunctions of the face image storage unit 501, the feature amount storageunit 503, and the comparison target amount storage unit 505. Thecommunication I/F 405 controlled by the CPU 401 implements functions ofthe face image input/output unit 504, the authentication conditionacquisition unit 506, the state acquisition unit 507, and theauthentication result output unit 509.

The face image storage unit 501 stores a face image captured by thecamera 43 as digital data. The face image storage unit 501 is able tostore a plurality of face images acquired at different time, and in thiscase, the face images may be stored in association with capturing time.Further, when the face authentication system 50 of the present exampleembodiment may perform face authentication of a plurality of users, theface images may be stored in association with user names.

The feature amount calculation unit 502 performs calculation of afeature amount on a face image stored in the face image storage unit501. The feature amount calculation unit 502 detects a face region of auser within image data and detects a face feature point. The featureamount calculation unit 502 then calculates a feature amount from datasuch as the position of the face feature point. In such a way, a faceimage can be converted into a feature amount in a form suitable forcomparison performed by a computer. As a face feature point, forexample, a portion that can be easily recognized in a face such as aneye(s), a nose, a mouth is selected. Note that a plurality of featureamounts may be calculated from a single image.

The feature amount storage unit 503 stores a feature amount generated bythe feature amount calculation unit 502. When an attribute such ascapturing time, a user name, or the like is associated with a faceimage, a feature amount may be stored in association with such anattribute.

The face image input/output unit 504 performs input of a face image fromthe face authentication management server 2 and output of a face imageto the face authentication management server 2. Note that data input oroutput at the face image input/output unit 504 may be a face imageitself of the user or may be information related to a face image such asa feature amount calculated from a face image. FIG. 3 illustrates ablock diagram in which a configuration of transmitting or receiving theface image itself is expected as an example, and the face image itselfis transmitted or received also in the following description. The faceimage input/output unit 504 acquires, from the face authenticationmanagement server 2, a comparison target image used for comparing a faceimage of the user who is subjected to face authentication and stores theacquired comparison target image in the face image storage unit 501. Assuch a comparison target image, an image of a photograph of a user'sface attached to an application form when the user applies utilizationof the learning management system 1 or the like may be used, forexample. Further, the face image input/output unit 504 outputs a faceimage of the user captured by the camera 43 and stored in the face imagestorage unit 501 to the face authentication management server 2. Theface authentication management server 2 stores the input face image ofthe user as a log of face authentication management.

The calculation of a feature amount is performed also on the comparisontarget image stored in the face image storage unit 501 in the samemanner as on the face image captured by the camera 43 in the featureamount calculation unit 502. The feature amount of the comparison targetimage is stored in the comparison target amount storage unit 505. Whenan attribute such as a user name is associated with a comparison targetimage, the feature amount may be stored in association with such anattribute.

The authentication condition acquisition unit 506 acquires anauthentication condition required for face authentication of a user fromthe face authentication management server 2. This authenticationcondition illustrates a policy of face authentication such ascorrespondence between a state of the learning management system 1 and acriterion of face authentication. Further, the authentication conditionmay include information related to the frequency of performing faceauthentication during learning.

The state acquisition unit 507 acquires the state of the learningmanagement system 1. A state of the learning management system 1 may be,for example, a state where the learning management system 1 requests theuser to perform login, a state where the learning management system 1performs a logoff process of the user, a state where the learningmanagement system 1 causes the user to perform learning, a state wherethe learning management system 1 tests the user for checking theunderstanding level or the like, or the like.

The criterion setting unit 508 sets a criterion of face authenticationbased on an authentication condition acquired by the authenticationcondition acquisition unit 506 and a state of the learning managementsystem 1 acquired by the state acquisition unit 507. Here, the criterionset by the criterion setting unit 508 is set to be different inaccordance with the state of the learning management system 1.

The face authentication unit 510 performs face authentication to comparea feature amount of a face image of the user stored in the featureamount storage unit 503 with a feature amount of a comparison targetimage stored in the comparison target amount storage unit 505 anddetermine whether or not these images are the image of the same person.At this time, when a similarity degree between the face image of theuser and the comparison target image expressed by the difference of thefeature amounts exceeds a threshold based on the criterion set by thecriterion setting unit 508, the face authentication unit 510 determinesthat the persons are the same.

The authentication result output unit 509 outputs an authenticationresult at the face authentication unit 510 to the learning managementsystem 1. The learning management system 1 can use the authenticationresult as information used for determination necessary for providingremote teaching to the user, such as determining whether or not totransmit a content in accordance with the authentication result.

FIG. 4 is a sequence diagram illustrating the process in the userterminal 4, the face authentication management server 2, and thelearning management system 1 in the remote teaching according to thefirst example embodiment. FIG. 4 illustrates the operation oftransmitting software (S/W) used for the operation of the faceauthentication system 50 from the face authentication management server2 to the user terminal 4, the operation of transmitting anauthentication condition from the face authentication management server2 to the user terminal 4, and the operation of the user terminal 4, theface authentication management server 2, and the learning managementsystem 1 during learning.

The operation at transmission of the face authentication software willbe described. In step S11, the user terminal 4 requests transmission ofsoftware from the face authentication management server 2. In step S12,the face authentication management server 2 transmits faceauthentication software to the user terminal 4 in response to therequest. The face authentication software is installed in the userterminal 4, and the user terminal 4 executes this and thereby functionsas the face authentication system 50. Note that the face authenticationsoftware that causes the user terminal 4 to function as the faceauthentication system 50 may be downloaded and installed in advance tothe user terminal 4.

The operation at transmission of an authentication condition will bedescribed. In step S13 after the face authentication software isinstalled in the user terminal 4, the face authentication managementserver 2 transmits an authentication condition to the user terminal 4.As described above, this authentication condition is used for setting ofa criterion in face authentication or the like. Note that the timingwhen the process of step S13 is performed can be suitably determined.For example, step S13 may be repeated at a predetermined cycle, may beperformed at the time of change of an authentication conditiondetermined by the face authentication management server 2, may beperformed in response to a request of the user terminal 4, or may beperformed at the same time as or immediately after transmission of faceauthentication software.

FIG. 5 is a flowchart illustrating a process during learning in the userterminal 4 according to the first example embodiment. In the followingdescription, the operation during learning will be described withreference to FIG. 4 and FIG. 5 each other. In step S14, the userterminal 4 requests the learning management system 1 for login. In stepS15, the learning management system 1 requests information necessary foridentifying the user from the user terminal 4 and requests the faceauthentication system 50 of the user terminal 4 to perform faceauthentication of the user. Here, the information necessary foridentifying the user may include a user identifier (ID), for example. Inaddition, the learning management system 1 may further requestinformation used for authentication, such as a password, from the userterminal 4.

In step S16, the camera 43 captures a face image of the user, the faceauthentication unit 510 of the face authentication system 50 performsface authentication of the user based on the similarity degree betweenthe face image of the user and the comparison target image. At thistime, the learning management system 1 is in a state to accept a faceauthentication result for determining login permission. In thefollowing, this state may be referred to as a first state. The stateacquisition unit 507 acquires information indicating that the learningmanagement system 1 is in the first state, and the criterion settingunit 508 sets a criterion in accordance with the first state. The faceauthentication unit 510 performs face authentication in accordance withthis criterion. When the user of the user terminal 4 is recognized asthe user in question registered in the learning management system 1, theprocess proceeds to step S17 (step S16, YES). When the user of the userterminal 4 is determined to be a different person from the userregistered in the learning management system 1 or when face imagerecognition itself fails, login is not permitted, and thus the processends (step S16, NO). Note that acquisition of a comparison target imageand calculation of a feature amount in the user terminal 4 may beperformed in advance before step S14.

Note that the camera 43 may capture a face image of the user and theface authentication unit 510 may perform face authentication of the usernot only at the time of login but also at the start of a content. Alsoat this time, the learning management system 1 is in a state ofaccepting a face authentication result used for determining whether ornot to permit start of the content, which may be included in the firststate described above. The expression “at the start of a content”includes at the start of playback of a delivered content and at thestart of playback from each chapter within a content. Therefore, whenone content is divided into four chapters of the first chapter to thefourth chapter, for example, “at the start of a content” may be at thestart of the first chapter, at the start of the second chapter, at thestart of the third chapter, and at the start of the fourth chapter.

In step S17, the user terminal 4 transmits a signal indicating that theface authentication is allowed by the learning management system 1. Notethat such an indication may be transmitted similarly when the user ofthe user terminal 4 is determined to be a different person from the userregistered in the learning management system 1 or when face imagerecognition itself fails in step S16.

In step S18, the learning management system 1 authorizes login to theuser terminal 4 and starts transmission of a content in accordance withthe request from the user terminal 4. In FIG. 4, each of rectangleslabeled with steps S19 and S20 illustrates a period in which the userterminal 4 has logged in the learning management system 1. At apredetermined timing in this period, the learning management system 1transmits a content to the user terminal 4 (not illustrated). Forexample, when the content is a lecture movie transmitted by streaming orprogressive download, the learning management system 1 can continuetransmission of the lecture movie in a period in which the user performslearning.

Note that, in the first authentication such as at login, at the start ofa content, or the like, face authentication may be omitted, identityverification may be performed by using a user ID, a password, or thelike, and a photograph of a user's face to be used as a comparisontarget image in future face authentication may be captured. In such ascheme, it is not necessary to acquire a comparison target image fromthe face authentication management server 2. The acquired comparisontarget image is used in face authentication performed after the firstauthentication (for example, step S21 a described later).

In step S21 a within a login period, the camera 43 captures a face imageof the user, and the face authentication unit 510 performs faceauthentication of the user. Step S21 a is performed at a predeterminedtiming defined by an authentication condition. At this time, thelearning management system 1 is in a state of accepting a faceauthentication result of the logged in user. Hereinafter, this state maybe referred to as a second state. The state acquisition unit 507acquires information that the learning management system 1 is in thesecond state, and the criterion setting unit 508 sets a criterion inaccordance with the second state. The face authentication unit 510performs a face authentication by using this criterion. When the user ofthe user terminal 4 is recognized to be the user in question registeredin the learning management system 1, the process proceeds to step S22(step S21 a, YES). If the user of the user terminal 4 is determined tobe a different person from the user registered in the learningmanagement system 1 or if the face image recognition itself fails (stepS21 a, NO), the process proceeds to step S21 b.

In step S21 b, the user terminal 4 causes the display 42 to display amessage for an alert. A state of identity verification with faceauthentication being unable to be made may occur when the attitude ofattending a lecture is unenthusiastic such as when the user has left itsseat, when the user is looking at something else, or the like, forexample. The reason for displaying an alert is to eliminate such a stateof the unenthusiastic attitude of attending a lecture and urge the userto succeed in face authentication. Note that this alert display is notessential, and a process such as to force logoff may be employed, forexample, or a process such as to accumulate the history of the state ofthe attitude of attending a lecture in the log may be employed withoutproviding an alert to the user.

In step S22, the user terminal 4 transmits a face image of the user tothe face authentication management server 2 in accordance with theresult of the face authentication. This face image is stored in the faceauthentication management server 2 as a log of the face authentication.The manager of the face authentication management server 2 is able tovisually check the face image stored in the face authenticationmanagement server 2 and check whether or not the face authentication isproperly performed, if necessary. In step S23, the user terminal 4transmits the result of the face authentication to the learningmanagement system 1. The learning management system 1 can performvarious operations using such a result of face authentication. Forexample, the learning management system 1 may perform a process to forcelogoff, may perform a process to accumulate the history of the state ofthe attitude of attending a lecture in the log, or may instruct the userterminal 4 to display an alert message. Further, as another example, thelearning management system 1 may temporally stop playback of a contenton the user terminal 4 in accordance with a result of faceauthentication. Playback of the stopped content is resumed when the faceauthentication is allowed. Note that a result of face authenticationthat triggers various operations described above performed by thelearning management system 1 may include a case where the faceauthentication is not allowed or a case where face image recognitionfails.

Note that, while transmission of a face image in step S22 may beperformed to be used for visual check when the face authentication isnot allowed, the transmission may be performed to be used for saving alog also when the face authentication is allowed. Further, the userterminal 4 may transmit a face image as a log at the start of eachchapter or at the end of each chapter of a content. Further, while theuser terminal 4 may transmit a face image in real time at the start orat the end of each chapter, the user terminal 4 may transmit a pluralityof face images at once at the timing when the last chapter of a contentends. Also when being configured to monitor substantially all the timethe user by repeating the processes of steps S21 a, S21 b, and S22, andS23 as described later, the user terminal 4 may transmit a face imageevery time or may transmit a plurality of face images at once at the endof a content or at the time of logoff. Accordingly, the manager of theface authentication management server 2 may visually check in real timeat the timing when an image is transmitted or may visually checktransmitted images collectively in later time.

The processes of steps S21 a, S21 b, S22, and S23 described above may beperformed multiple times repeatedly within a login period. For example,the user can be monitored substantially all the time by performing theabove process at a constant cycle such as performing the above processonce 1 second.

Step S24 illustrates an operation when the user of the user terminal 4finishes learning and performs operation of logoff on the user terminal4. In a logoff process, the camera 43 captures a face image of the user,and the face authentication unit 510 performs face authentication of theuser again. At this time, the learning management system 1 is in a stateof accepting a face authentication result at the time of logoff of theuser who has been logged in. In the following, such a state may bereferred to as a third state. The state acquisition unit 507 acquiresinformation indicating that the learning management system 1 is in thethird state, and the criterion setting unit 508 sets a criterion inaccordance with the third state. The face authentication unit 510performs face authentication by using this criterion.

Note that, not only at the time of logoff, but also at the end of acontent, the camera 43 may capture a face image of the user, and theface authentication unit 510 may perform face authentication of the useragain in a similar manner. The learning management system 1 is also in astate of accepting a face authentication result and may be included inthe third state described above. The expression “at the end of acontent” includes at the end of playback of one delivered content and atthe end of playback of each chapter within the content. Therefore, whenone content is divided into four chapters of the first chapter to thefourth chapter, for example, “at the end of a content” may be at the endof the first chapter, at the end of the second chapter, at the end ofthe third chapter, and at the end of the fourth chapter.

In step S25, the user terminal 4 transmits a signal indicating a resultof face authentication to the learning management system 1. The userterminal 4 then logs off the learning management system 1, and theprocess of the present remote teaching ends. The learning managementsystem 1 can use the result of the face authentication at logoff fordetermination of whether or not to admit the history of attending alecture, for example. Further, when the face authentication is notallowed at logoff, the user terminal 4 may again perform faceauthentication of the user.

The criterion of face authentication in the first state, the secondstate, and the third state described above will now be described. FIG. 6is a graph illustrating an example of a criterion of face authenticationaccording to the first example embodiment. The horizontal axis of FIG. 6represents time including the time of login to logoff, and the verticalaxis of FIG. 6 represents a setting value of a threshold of a similaritydegree between an acquired face image of the user and a comparisontarget image. It is determined that both persons in the images are thesame when this similarity degree exceeds the threshold, and it isdetermined that both persons in the images are not the same when thesimilarity degree is less than or equal to the threshold. That is, ahigher threshold causes a strict determination of face authentication tobe performed.

In FIG. 6, “at login” corresponds to the first state in step S16described above, “at logoff” corresponds to the third state in step S24described above. A period in a logged-in state between “at login” and“at logoff” corresponds to the second state in step S21 a describedabove. Here, as illustrated in FIG. 6, a threshold S1 of the similaritydegree used as a criterion of face authentication at login is set higherthan a threshold S2 of the similarity degree used as a criterion of faceauthentication in a logged-in state. The reason why the threshold is sethigher at login is that it is necessary to strictly determine whether ornot a person trying login is the registered user for the purpose ofpreventing unauthorized login. On the other hand, since identityverification of the user has been made at login, a need to performidentity verification of the user in a logged-in state is not so high.The face authentication in a logged-in state intends to urge the user tobe enthusiastic in attending the lecture, for example. In such a way,strictness of determination is not highly required in a logged-in state.Rather, to reduce the frequency of occurrence of erroneous determinationof rejection of the correct person, it is desirable that the thresholdbe not too high. Therefore, the threshold is set with the levelrelationship (S1>S2) as illustrated in FIG. 6.

Note that, as illustrated in FIG. 6, the threshold S1 of the similaritydegree used as a criterion of face authentication at logoff is sethigher than the threshold S2 of the similarity degree used as acriterion of face authentication in a logged-in state period. Althoughthis configuration is not essential, the reason thereof is as below.Since the threshold of face authentication in a logged-in state is setlower, there is a likelihood of impersonation (a dummy attending alecture) in which the user is replaced with another person duringattending a lecture. Thus, it is desirable to perform identityverification again at logoff for the purpose of reliable check ofattendance at a lecture. Here, since the user is looking at the screenof the display 42 in order to perform a logoff operation at logoff, theface of the user is within a capturing range, and erroneousdetermination of rejection of the correct person is less likely tooccur. Note that, while the threshold of the similarity degree at loginand the threshold of the similarity degree at logoff are the same valueS1 in FIG. 6, this is not essential, and these thresholds may bedifferent values from each other.

Further, when face authentication of the user is performed at the startof a content (including the start of each chapter), the threshold S1,which is higher than the threshold S2 of the similarity degree used as acriterion of face authentication in a logged-in state, is used as acriterion of face authentication in a similar manner to the case ofbeing used at login described above. With face authentication using acriterion of the high threshold S1 being performed not only at login andat logoff but also at the start of a content, impersonation or the likecan be more reliably prevented. Note that it is not essential to use thethreshold S1 always at the start of each chapter as a criterion. Forexample, when it is estimated that a playback environment such as aplace, time, or the like where a content is played back has changedbased on position information of the user terminal 4, network connectionrelated information, the time interval of the start of a content, or thelike, face authentication using the threshold S1 as a criterion may beperformed every time each chapter starts, and when it is estimated thatthe playback environment has not changed, face authentication using thethreshold S2 as a criterion may be performed. Thereby, when the userterminal 4 is a laptop PC, a tablet PC, or the like, appropriate faceauthentication can be performed even in a case where a playbackenvironment such as a place, time, or the like where a content is playedback may change. Note that the position information of the user terminal4 may be the position of the user terminal 4 acquired by a GlobalPositioning System (GPS), for example. The network connection relatedinformation of the user terminal 4 may be an IP address, for example.

When a comparison target image is acquired without face authenticationbeing performed in the first authentication at login, at the start of acontent, or the like, the high threshold S1 may be used as a criterionof face authentication at the first face authentication afteracquisition of the comparison target image, and the threshold S2 maythen be used as a criterion of face authentication in a logged-in state.

Further, when face authentication of a user is performed at the end of acontent (including the end of each chapter), the threshold S1, which ishigher than the threshold S2 of the similarity degree used as acriterion of face authentication in a logged-in state, is used as acriterion of face authentication in a similar manner to the case ofbeing used at logoff described above. By performing face authenticationusing the high threshold S1 as a criterion not only at login, at logoff,and at the start of a content but also at the end of a content, it ispossible to prevent impersonation or the like in a more reliable manner.

Further, with respect to face authentication used as a condition ofresuming playback of a content when playback of a content at the userterminal 4 is temporally stopped due to a result of face authentication,the threshold S1, which is higher than the threshold S2 of thesimilarity degree used as a criterion of face authentication in alogged-in state, is used as a criterion of face authentication in asimilar manner to the case of being used at login described above.

As described above, according to the present example embodiment, bydifferentiating a criterion of face authentication in accordance withthe state of access target system to be accessed by the user, it ispossible to provide a face authentication system that can set acriterion of face authentication in a more suitable manner.

A typical application example of the configuration of the presentexample embodiment will be arranged and described along a flow when theuser performs learning. When the user receives a content from thelearning management system 1 to perform learning, the following fourprocesses are mainly performed. (a) Login to the learning managementsystem 1 (corresponding to step S19). (b) Selection of a content from alecture menu and start of playback of the content. (c) End of playbackof the content. (d) Logoff from the learning management system 1 (ifnecessary). While face authentication may be performed in any case inthe processes from (a) to (d), the face authentication may be omitted.While the threshold of the similarity degree used as a criterion of faceauthentication can be differentiated from each other in the processes of(a) to (d) with application of the present example embodiment,typically, the threshold S1 of the similarity degree used as a criterionof face authentication in the above (a) and (c) may be set higher thanthe threshold S2 of other cases.

Second Example Embodiment

An example in which a criterion of face authentication is changed fromthe first example embodiment will be described as a second exampleembodiment. Since the basic configuration such as a block diagram of theface authentication system 50 is the same as that of the first exampleembodiment, features different from those of the first exampleembodiment will be mainly described below, and the duplicateddescription will be omitted or simplified.

The learning management system 1 of the present example embodiment has afunction of instructing a user to take a test in addition to thefunction of instructing the user to perform learning. For example, thistest is an understanding level check test for checking whether or notthe user has deeply understood the learning content, and a result of thetest may be used for determination as to whether or not to admit theattendance at a lecture.

FIG. 7 is a graph illustrating an example of a criterion of faceauthentication according to the second example embodiment. Asillustrated in FIG. 7, “test period” is provided in a logged-in state.During a test period, the learning management system 1 transmits datanecessary for a test, such as a test question, an answer form, or thelike, to the user terminal 4, and the user terminal 4 displays the dataon the display 42 to instruct the user to take the test.

Therefore, in a logged-in state, the learning management system 1 isable to operate in a state of instructing the user to take the test anda state of instructing the user to perform learning. In the following, astate of instructing the user to take a test may be referred to as afourth state, and a state of instructing the user to perform learningmay be referred to as a fifth state. As illustrated in FIG. 7, thethreshold S1 of the similarity degree used as a criterion of faceauthentication in the test period is set higher than the threshold S2 ofthe similarity degree used as a criterion of face authentication duringlearning. The reason why the threshold is set higher in the test periodis that a need for identity verification is higher than during learningin order to prevent cheating such as impersonation (a dummy taking atest) in which the user is replaced with another person in the testperiod. Note that, while the threshold of the similarity degree atlogin, the threshold of the similarity degree at logoff, and thethreshold of the similarity degree in a test period are the same valueS1 in FIG. 7, this is not essential, and these thresholds may bedifferent values from each other.

As described above, according to the present example embodiment,cheating in a test can be prevented.

Note that, while the values of the threshold of the similarity degreeused as a criterion of face authentication are different between thetest period and during learning in the example described above, asetting scheme of a criterion may be other than the above. For example,the frequency of performing face authentication with the threshold S1may be different between the test period and during learning. Forexample, it is also possible to prevent cheating in a test by settingthe frequency of face authentication in a test period to be higher thanthe frequency of face authentication during learning such as performingface authentication with the threshold S1 every 30 seconds in the testperiod and performing face authentication with the threshold S1 every 10minutes during learning.

Third Example Embodiment

A modified example regarding alert display displayed after faceauthentication during learning will be described as a third exampleembodiment. The present example embodiment is an example embodiment inwhich the alert display in step S21 b of FIG. 4 and FIG. 5 is changed ormore detailed from that of the first example embodiment. Thus, only thefeatures different from those of the first example embodiment will bedescribed below, and the duplicated description will be omitted orsimplified.

FIG. 8 is a diagram illustrating a screen display example on the display42 in the present example embodiment. A lecture material display window610, a lecturer image display window 620, a lecture information displaywindow 630, and a message display window 640 are depicted within displayscreen 600 illustrated in FIG. 8. A lecture material is displayed in thelecture material display window 610. An image of a lecturer who isproviding a lecture is displayed in the lecturer image display window620. Information on the lecture is displayed on the lecturer informationdisplay window 630. In this example, the chapter arrangement of thelecture is displayed. A message to the user is displayed in the messagedisplay window 640. Further, information such as a product name of thelearning management system 1 (XYZ e-learning system), a user name (ABC),or the like may be displayed outside the window within the displayscreen 600.

In the present example embodiment, in accordance with the result of theface authentication in step S21 a, an alert text or the like isdisplayed in the message display window 640 on the display 42. As aresult of face authentication, there are three conceivable cases: a casewhere recognition of a face image is successful and the faceauthentication is allowed, a case where recognition of a face image issuccessful and the face authentication is not allowed, and a case whererecognition of a face image fails. In accordance with these threeresults, different messages are displayed in the message display window640. When recognition of a face image is successful and the faceauthentication is allowed, for example, “Face authentication wassuccessful” is displayed in the massage display window 640 in order tonotify the user that the face authentication is allowed (firstnotification). When recognition of a face image is successful and theface authentication is not allowed, there is a likelihood of thelearning management system 1 being used by impersonation. Accordingly,to urge stop of the impersonation, “Identity verification of Mr./Ms. ABCfailed. This lecture can be taken by Mr./Ms. ABC only” is displayed inthe message display window 640 (second notification), for example. Whenrecognition of a face image fails, there is a likelihood of a state ofan unenthusiastic attitude of attending a lecture such as a state wherethe user has left its seat or the user is looking at something else.Thus, to instruct the user to face the screen and eliminate the state ofthe unenthusiastic attitude of attending a lecture, “Face authenticationfailed. Please face the camera” is displayed as illustrated in FIG. 8 inthe message display window 640 (third notification), for example.

Note that the display of the present example embodiment is not limitedto those using a text message but may be those changing the color of apart of the display screen 600 in accordance with a face authenticationresult, for example. For example, it is possible to allow the user torecognize the face authentication result by using a difference in color,such as green when recognition of a face image is successful and theface authentication is allowed, red when recognition of a face image issuccessful and the face authentication is not allowed, and yellow whenrecognition of a face image fails. In this example, since the massagedisplay window 640 may not be provided, the area of the display screen600 can be effectively utilized. Further, by performing a change ofcolor and notification of a message at the same time, it is possible tocause the user to pay attention in a more reliable manner.

Further, the user may be notified by a voice message, an alarm sound, orthe like by using an audio output unit such as a speaker, a headphone,or the like provided to the user terminal 4. Also in this case, sincethe message display window 640 may not be provided, the area of thedisplay screen 600 can be effectively utilized. As discussed above, inthe present example embodiment, the notification scheme is not limitedas long as notification is provided to the user in accordance with aface authentication result, and any notification scheme such as a text,color, a voice, or the like may be used.

As described above, according to the present example embodiment, acontent in accordance with a result of face authentication of the useris displayed or the like to notify the user of the face authenticationresult, and thereby an inappropriate state in attending a lecture can beeliminated.

Fourth Example Embodiment

As a fourth example embodiment, a modified example regarding an alertdisplay displayed after face authentication during learning will bedescribed. The present example embodiment is an example embodiment inwhich transmission of a face image in step S22 of FIG. 4 and FIG. 5 ischanged or more detailed from the first example embodiment. Thus, onlythe features different from those of the first example embodiment willbe described, and the duplicated description will be omitted orsimplified.

The present example embodiment provides a more specific example of thecondition of transmitting a face image of the user acquired by the userterminal 4 to the face authentication management server 2. FIG. 9 is aflowchart illustrating a process of face image transmission according tothe fourth example embodiment. In the present example embodiment,processes of steps S22 a and S22 b of FIG. 9 are performed instead ofstep S22 of FIG. 4 and FIG. 5.

In step S22 a, the CPU 401 of the user terminal 4 determines whether ornot a predetermined condition is satisfied for a result of faceauthentication. If the predetermined condition is satisfied, the processproceeds to step S22 b (step S22 a, YES), the face image input/outputunit 504 of the user terminal 4 transmits a face image of the user tothe face authentication management server 2 (step S22 b). If thepredetermined condition is not satisfied, the face image input/outputunit 504 of the user terminal 4 does not transmit a face image of theuser to the face authentication management server 2 (step S22 a, NO).

In this example, the predetermined condition may be that the faceauthentication was not allowed for predetermined continuous times orthat the face authentication was not allowed for predetermined timeswithin a predetermined period, for example. That is, a face image is notalways transmitted when the face authentication was not allowed, thecondition includes requirement of face authentication being not allowedfor multiple times. One of the purposes of transmitting a face image tothe face authentication management server 2 outside the user terminal 4is to store the face image in the face authentication management server2 as a log and thereby enable the manager of the face authenticationmanagement server 2 to visually check the face image if necessary.Thereby, the manager is able to check whether or not face authenticationis properly performed. The manager is not required to check all the faceimages all the time but may perform the check, if necessary, when faceauthentication is questionable. It is therefore not essential topre-store all the face images. In such a way, it is not necessary totransmit a face image of the user every time, but it is often sufficientto transmit a face image only when there is likely to be a problem, suchas when face authentication is not allowed continuously. On the otherhand, in the configuration in which data of a face image is transmittedevery time, a problem of increase in the communication data amount,increase in processing time, and the like may occur. Therefore, with aconfiguration in which a face image is transmitted only when apredetermined condition is satisfied, it is possible to reduce thecommunication data amount and shorten the processing time. Note that,when being configured to monitor the user substantially all the time byrepeating the processes of steps S21 a, S21 b, S22, and S23, the userterminal 4 may transmit a face image every time a predeterminedcondition is satisfied or may transmit a plurality of face images atonce at the end of a content or at logoff.

Note that the case of “face authentication is not allowed” of thepredetermined condition described above may include a case whererecognition of a face image fails. The case where recognition of a faceimage fails refers to a case where a face of a person facing the frontof a capturing region is not successfully detected, for example, whichmay be a case where the user has left its seat, looks away, or the like.

As described above, according to the present example embodiment, bytransmitting a face image from the user terminal 4 to the faceauthentication management server 2 only when a predetermined conditionis satisfied, it is possible to reduce the communication data amount andshorten the processing time.

Fifth Example Embodiment

As a fifth example embodiment, a modified example regarding acquisitionof comparison target image will be described. The present exampleembodiment is an example embodiment in which an acquisition method of acomparison target image is changed or more detailed from the firstexample embodiment. Thus, only the features different from those of thefirst example embodiment will be described, and the duplicateddescription will be omitted or simplified.

The present example embodiment relates to a process when the userterminal 4 logs in the learning management system 1 for the first time.FIG. 10 is a flowchart illustrating a process of adding a comparisontarget according to the fifth example embodiment. In the present exampleembodiment, the processes of steps S26 a and 26 b of FIG. 10 areperformed at any timing between login of step S19 to logoff of step S24of FIG. 4 and FIG. 5.

In step S26 a, the CPU 401 of the user terminal 4 determines whether ornot login is the first time. If the login is the first time, the processproceeds to step S26 b (step S26 a, YES). In step S26 b, a face imageacquired at the first login is added to comparison targets so as to beable to be used as a comparison target in face authentication at thesecond and subsequent login. Specifically, in the face image storageunit 501, a face image acquired and stored at the first login is handledas a comparison target image. Furthermore, the CPU 401 causes thecomparison target amount storage unit 505 to store, as a feature amountof the comparison target image, a feature amount generated at the firstlogin and stored in the feature amount storage unit 503. When the loginis the second or subsequent login in step S26 a, the process ends (stepS26 a, NO). Note that a step of the user terminal 4 transmitting acomparison target image added in the face authentication managementserver 2 may be further added.

As described in the illustration of the first example embodiment, aphotograph captured in advance such as an image of a photograph of theuser's face attached to an application form may be used for a comparisontarget image, for example. However, there may be a difference between aface image of a photograph submitted in advance and a face image of theuser at the time of login due to a temporal change or the like.Accordingly, by adding an image captured at the first login or thefeature amount as a comparison target, it is possible to perform faceauthentication using the image closer to the actual face as a comparisontarget and thus improve the accuracy of face authentication.Furthermore, there is an advantage of avoiding being affected by adifference in lighting or a background between an image of the user,such as a photograph attached to the application form, and an image ofthe user at the time of login. Typically, the background of a photographattached to an application form is often plain, and the brightness oflighting is often suitably adjusted. In contrast, since various lightingand backgrounds may be applied in the image of the user at the time oflogin, there is a likelihood of deterioration of the accuracy of faceauthentication due to the difference in lighting or a background betweenboth the images. Further, in the image of the user at the time of login,there may be a poster in the background or there may be a photograph ofa face of a person or a pattern which may be misrecognized as the faceof a person in the clothes, this may be a factor of deterioration of theaccuracy of face authentication. In contrast, in the present exampleembodiment, since it is possible to perform face authentication withlighting, a background, clothes, or the like being the same to somedegrees and thus improve the accuracy of face authentication by addingan image or a feature amount captured at the time of login as acomparison target.

Note that a comparison target added at the first login may be replacedwith a comparison target such as a photograph attached to an applicationform prepared in advance, and both the comparison targets including thecomparison target prepared in advance may be used as the comparisontarget. When both the comparison targets are used, the process of faceauthentication may employ a scheme of assuming face authentication to besuccessful if the face authentication is successful for any one of thecomparison targets, for example.

Note that the present example embodiment may be configured to omit faceauthentication, perform identity verification using a user ID, apassword, or the like and capture a face image of the user at login orat the start of a content, and use the captured face image as thecomparison target image in the subsequent face authentication.

As described above, according to the present example embodiment, it ispossible to improve the accuracy of face authentication by adding a faceimage at the first login as a comparison target.

The same process as the process performed at the first login describedabove may be performed at the start of a content. In this case, a faceimage acquired at the start of a content (or at the start of eachchapter of a content) can be used as a comparison target image duringthe content being delivered.

Sixth Example Embodiment

While a remote teaching system including the learning management system1, the face authentication management server 2, and the user terminal 4is illustrated as examples in the example embodiment described above,the present invention is also applicable to a system that requires faceauthentication other than the remote teaching system. For example, thepresent invention is also applicable to a telework system that providesan environment of telework for stay-home work, freelance, or the like.FIG. 11 is a schematic diagram illustrating a general configuration of atelework system according to a sixth example embodiment. The teleworksystem includes an in-house system 1 a, the face authenticationmanagement server 2, and the user terminal 4. A difference from FIG. 1is that, while the accessed target of the user terminal 4 is thelearning management system 1 in FIG. 1, the accessed target of the userterminal 4 is the in-house system 1 a in FIG. 11. That is, the accessedtarget system of the present example embodiment is the in-house system 1a.

The in-house system 1 a is a connecting system to which the user of theuser terminal 4 is connected to transmit or receive data and work bytelework. The in-house system 1 a may include a data server or the like,for example. At login for the connection from the user terminal 4 to thein-house system 1 a, identity verification using face authentication isperformed to ensure security such as to maintain a trade secret.Further, face authentication is performed for monitoring an operationstatus in a logged-in state. As discussed above, since the teleworksystem of the present example embodiment also requires faceauthentication similar to that in the example embodiments describedabove, it is possible to apply the present invention to the teleworksystem and obtain the same advantages by replacing the configuration ofthe example embodiments described above with the telework system asappropriate.

In the telework system of the present example embodiment, a specificexample of a state in which face authentication is performed with thethreshold S1 that is higher than the threshold S2 of the similaritydegree used as a criterion of face authentication at a normal operationmay relate to a status where information of a high degree of secrecy ishandled other than at the time of login. An example of a status whereinformation of a high degree of secrecy is handled may relate to a caseof opening a file including human resource information such asattendance management, human resource management, or the like, a case ofopening a file which may include other company's confidentiality, suchas a file sent from others or other companies, a case of opening a filewhich may cause much influence when leaked, such as customerinformation, personal information, or the like.

Seventh Example Embodiment

A device as described in the above example embodiments can also beconfigured as below. FIG. 12 is a functional block diagram of the faceauthentication system 50 according to a seventh example embodiment. Theface authentication system 50 has a criterion setting unit 508 that setsa criterion of face authentication performed on a user so as to bedifferent in accordance with a state of an access target system accessedby the user. Furthermore, the face authentication system 50 has the faceauthentication unit 510 that performs face authentication of the userbased on the criterion.

According to the present example embodiment, a face authenticationsystem that can set a criterion of face authentication in a moresuitable manner can be provided.

Modified Example Embodiments

The present invention is not limited to the example embodiment describedabove but can be changed as appropriate within a range not departingfrom the spirit of the present invention.

While the example of face authentication has been illustrated as ascheme of authentication in each of the above example embodiments, otherauthentication schemes may be added in addition to face authentication.Specifically, by estimating a line of sight of the user based on animage of the user, it is possible to authenticate whether or not theuser is properly looking at the content. Further, impersonation using aphotograph, a static image, or the like can be prevented by capturing amoving image of the user by the camera 43 and performing motionauthentication for blinking, movement of the mouth, instructed movementof the face, or the like.

While face authentication is performed based on the relationship betweena similarity degree and a threshold of a face image of the user and acomparison target image in each of the above example embodiments, atemporal change of the similarity degree between a face image of theuser and a comparison target image may also be a criterion ofauthentication. For example, when a temporal change amount of thesimilarity degree between a face image of the user and a comparisontarget image is smaller than a predetermined threshold, authenticationto determine impersonation using a photograph, a static image, or thelike may be performed. Typically, since there is no state where the userdoes not move at all, the similarity degree between a face image of theuser and a comparison target image varies in accordance with time. Inthe case of impersonation using a photograph, a static image, or thelike, however, the face image of the user is in a state of not moving atall, and thus the similarity degree between the face image of the userand the comparison target image is a constant value. Therefore,impersonation using a photograph, a static image, or the like can beprevented by performing authentication with the criterion describedabove.

While the face authentication system using face authentication as anexample of biometrics authentication has been illustrated as an examplein each of the above example embodiments, the same scheme can be appliedto a system using another biometrics authentication. In biometricsauthentication, there are biometrics authentication with a relativelyhigh authentication accuracy, such as fingerprint authentication, veinauthentication, iris authentication, or the like and biometricsauthentication with a relatively low authentication accuracy, such asface authentication, a voice authentication, or the like. In the exampleembodiments described above, examples in which the threshold of asimilarity degree used as a criterion of a face authentication at login,in a test period, at logoff, or at the start of a content is set higherthan that in other periods has been illustrated. By replacing the levelof the thresholds of the similarity degree in these example embodimentswith the level of the authentication accuracy of biometricsauthentication, the example embodiments described above can be extendedto general biometrics authentication.

A specific example of such a biometrics authentication system will bedescribed. The biometrics authentication system in this example has afirst biometrics authentication scheme with a relatively highauthentication accuracy, such as fingerprint authentication, veinauthentication, iris authentication, or the like and a second biometricsauthentication scheme with a relatively low authentication accuracy,such as face authentication, voice authentication, or the like and mayperform at least two types of biometrics authentication. Biometricsauthentication is performed by using the first biometrics authenticationscheme with a relatively high authentication accuracy, such asfingerprint authentication, vein authentication, iris authentication, orthe like at login, in a test period, at logoff, or at the start of acontent (that is, a period in which the threshold S1 is set in theexample embodiments described above). Biometrics authentication isperformed by using the second biometrics authentication scheme with arelatively low authentication accuracy, such as face authentication,voice authentication, or the like in a period other than at login, in atest period, at logoff, or at the start of a content (that is, a periodin which the threshold S2 is set in the example embodiments describedabove).

With the biometrics authentication system being configured in such away, the accuracy of biometrics authentication can be differentiated inaccordance with a state of an accessed target system accessed by theuser, and a biometrics authentication system in which the accuracy ofbiometrics authentication can be set in a more suitable manner can beprovided.

As described above, there is an advantage of a relatively highauthentication accuracy in fingerprint authentication, veinauthentication, iris authentication, or the like. To acquire afingerprint image, however, a scanner used for reading a fingerprint isnecessary. Further, to acquire a vein image, a scanner capable ofreading a vein is necessary. These scanners may not be provided to ageneral computer, and additional cost may occur. Further, since an irisimage is generally acquired by capturing a narrow region of an iris byusing an infrared ray, a camera which is more expensive than a cameraprovided to a general computer may be necessary.

The authentication accuracy of face authentication or voiceauthentication is relatively low. However, a camera or a microphonegenerally provided to a computer can be used to acquire a face image oracquire voice data of a voice. Information processing for performingface authentication or voice authentication can be implemented byintroducing software. Implementation of face authentication or voiceauthentication does not require addition of hardware to the computer asdiscussed above, and the cost is relatively low.

An authentication scheme used in the biometrics authentication system isselected taking accuracy, cost, or the like into consideration asdescribed above. Since the cost of hardware required for biometricsauthentication is relatively low, it is more desirable that the firstbiometrics authentication scheme with a relatively high authenticationaccuracy be fingerprint authentication and the second biometricsauthentication scheme with a relatively low authentication accuracy beface authentication.

Further, while the example of performing two types of biometricsauthentication has been described above, a single type of biometricsauthentication may be employed when the authentication accuracy can bechanged by a setting change or the like in the same type of biometricsauthentication.

The biometrics authentication system described above can also beconfigured as below. FIG. 13 is a function block diagram of thebiometrics authentication system 50 a according to the modified exampleembodiment. The biometrics authentication system 50 a has an accuracysetting unit 508 a that sets a criterion of biometrics authenticationperformed on the user so as to be different in accordance with the stateof an access target system accessed by the user. Furthermore, thebiometrics authentication system 50 a has the biometrics authenticationunit 510 a that performs biometrics authentication of the user based onthe accuracy.

According to the present example embodiment, a biometrics authenticationsystem that can set the accuracy of biometrics authentication in a moresuitable manner can be provided.

The scope of each example embodiment also includes a processing methodof storing, in a storage medium, a program that causes the configurationof the example embodiment to operate to implement the function of theexample embodiment described above, reading out as a code the programstored in the storage medium, and executing the code in a computer. Thatis, a computer readable storage medium is also included in the scope ofeach example embodiment. Further, not only the storage medium in whichthe program described above is stored but also the program itself isincluded in each example embodiment. Further, one or more componentsincluded in the example embodiments described above may be a circuitsuch as an Application Specific Integrated Circuit (ASIC), a FieldProgrammable Gate Array (FPGA), or the like configured to implement thefunction of each component.

As the storage medium, a floppy (registered trademark) disk, a harddisk, an optical disk, a magneto-optical disk, a Compact Disk (CD)-ROM,a magnetic tape, a non-volatile memory card, or a ROM, for example, maybe used. The scope of each example embodiment includes not only thoseexecuting a process with a program itself stored in the storage mediumbut also those operating on an operating system (OS) in cooperation withthe function of another software or an extension board to execute theprocess.

Services realized by the function of each example embodiment describedabove can be provided to the user in a form of Software as a Service(SaaS).

Note that all the example embodiments described above are mere examplesof embodiment in implementing the present invention, and the technicalscope of the present invention should not be limited to these exampleembodiments. That is, the present invention can be implemented invarious forms without departing from the technical concept thereof orthe primary feature thereof.

The whole or part of the example embodiments disclosed above can bedescribed as, but not limited to, the following supplementary notes.

(Supplementary Note 1)

A face authentication system comprising:

a criterion setting unit that sets a criterion of face authenticationperformed on a user so as to be different in accordance with a state ofan access target system accessed by the user; and

a face authentication unit that performs face authentication of the userbased on the criterion.

(Supplementary Note 2)

The face authentication system according to supplementary note 1,

wherein the access target system is operable in at least a first stateof accepting a face authentication result used for determining loginpermission of the user to the access target system and a second state ofaccepting a face authentication result of the user who has logged in theaccess target system, and

wherein the criterion setting unit sets criteria that are differentbetween when the access target system is in the first state and when theaccess target system is in the second state.

(Supplementary Note 3)

The face authentication system according to supplementary note 2,

wherein face authentication of the user is performed based on asimilarity degree between a face image of the user and a comparisontarget image, and

wherein a similarity degree used as a criterion of face authenticationin the first state is higher than a similarity degree used as acriterion of face authentication in the second state.

(Supplementary Note 4)

The face authentication system according to supplementary note 2 or 3,

wherein the access target system is further operable in a third state ofaccepting a face authentication result at logoff from the access targetsystem of the user, and

wherein the criterion setting unit sets criteria that are differentbetween when the access target system is in the second state and whenthe access target system is in the third state.

(Supplementary Note 5)

The face authentication system according to supplementary note 4,

wherein face authentication of the user is performed based on asimilarity degree between a face image of the user and a comparisontarget image, and

wherein a similarity degree used as a criterion of face authenticationin the third state is higher than a similarity degree used as acriterion of face authentication in the second state.

(Supplementary Note 6)

The face authentication system according to any one of supplementarynotes 1 to 5,

wherein the access target system is a learning management system that isoperable in at least a fourth state of causing the user to take a testand a fifth state of causing the user to perform learning, and

wherein the criterion setting unit sets criteria that are differentbetween when the access target system is in the fourth state and whenthe access target system is in the fifth state.

(Supplementary Note 7)

The face authentication system according to supplementary note 6,

wherein face authentication of the user is performed based on asimilarity degree between a face image of the user and a comparisontarget image, and

wherein a similarity degree used as a criterion of face authenticationin the fourth state is higher than a similarity degree used as acriterion of face authentication in the fifth state.

(Supplementary Note 8)

The face authentication system according to any one of supplementarynotes 1 to 7 further comprising a notification unit that notifies theuser of a result of face authentication of the user.

(Supplementary Note 9)

The face authentication system according to supplementary note 8,wherein, in accordance with a result of face authentication, thenotification unit is able to perform any of a first notificationindicating that recognition of a face image is successful and faceauthentication is allowed, a second notification indicating thatrecognition of a face image is successful and face authentication is notallowed, and a third notification indicating that recognition of a faceimage failed.

(Supplementary Note 10)

The face authentication system according to any one of supplementarynotes 1 to 9 further comprising an output unit that externally outputs aface image of the user when a predetermined condition regarding a resultof face authentication is satisfied.

(Supplementary Note 11)

The face authentication system according to supplementary note 10,wherein the predetermined condition is that face authentication has notbeen allowed continuously for predetermined times.

(Supplementary Note 12)

The face authentication system according to supplementary note 10,wherein the predetermined condition is that face authentication has notbeen allowed for predetermined times within a predetermined period.

(Supplementary Note 13)

The face authentication system according to any one of supplementarynotes 1 to 12, wherein the face authentication unit uses a face imageacquired when the user logs in the access target system for the firsttime as a comparison target in face authentication at second andsubsequent login.

(Supplementary Note 14)

The face authentication system according to any one of supplementarynotes 1 to 13, wherein the criterion is further determined based on atleast one of position information on a terminal on which the useroperates, network connection related information, and a start timeinterval of a content received from the access target system.

(Supplementary Note 15)

The face authentication system according to supplementary note 14,

wherein face authentication of the user is performed based on asimilarity degree between a face image of the user and a comparisontarget image, and

wherein, based on at least one of position information of a terminal onwhich the user operates, network connection related information, and astart time interval of a content received from the access target system,a similarity degree used as a criterion of face authentication when itis determined that a playback environment of the content has changed ishigher than a similarity degree used as a criterion of faceauthentication when it is determined that a playback environment of thecontent has not changed.

(Supplementary Note 16)

A face authentication method comprising:

setting a criterion of face authentication performed on a user so as tobe different in accordance with a state of an access target systemaccessed by the user; and

performing face authentication of the user based on the criterion.

(Supplementary Note 17)

A storage medium in which a program is stored, the program causing acomputer to execute:

setting a criterion of face authentication performed on a user so as tobe different in accordance with a state of an access target systemaccessed by the user; and

performing face authentication of the user based on the criterion.

(Supplementary Note 18)

A biometrics authentication system comprising:

an accuracy setting unit that sets an accuracy of biometricsauthentication performed on a user so as to be different in accordancewith a state of an access target system accessed by the user; and

a biometrics authentication unit that performs biometrics authenticationof the user based on the accuracy.

(Supplementary Note 19)

A biometrics authentication method comprising:

setting an accuracy of biometrics authentication performed on a user soas to be different in accordance with a state of an access target systemaccessed by the user; and

performing biometrics authentication of the user based on the accuracy.

(Supplementary Note 20)

A storage medium in which a program is stored, the program causing acomputer to execute:

setting an accuracy of biometrics authentication performed on a user soas to be different in accordance with a state of an access target systemaccessed by the user; and

performing biometrics authentication of the user based on the accuracy.

REFERENCE SIGNS LIST

-   1 learning management system-   1 a in-house system-   2 face authentication management server-   3 network-   4 user terminal-   41 input device-   42 display-   43 camera-   401 CPU-   402 RAM-   403 ROM-   404 HDD-   405 communication I/F-   406 input device I/F-   407 display I/F-   408 peripheral device I/F-   409 bus-   50 face authentication system-   50 a biometrics authentication system-   501 face image storage unit-   502 feature amount calculation unit-   503 feature amount storage unit-   504 face image input/output unit-   505 comparison target amount storage unit-   506 authentication condition acquisition unit-   507 state acquisition unit-   508 criterion setting unit-   508 a accuracy setting unit-   509 authentication result output unit-   510 face authentication unit-   510 a biometrics authentication unit

1-16. (canceled)
 17. A biometrics authentication system comprising: at least one memory storing a computer program; and at least one processor configured to execute the computer program to: set a criterion of biometrics authentication performed on a user so as to be different between a first operation state relating to a content of the system and a second operation state relating to the content of the system, the system providing the user with one or more contents; wherein the criterion in the first operation state is higher than the criterion in the second operation state.
 18. The biometrics authentication system according to claim 17, wherein the first operation state is a state of accepting a result of the biometrics authentication used for determining permission of the user's starting to use each of the content.
 19. The biometrics authentication system according to claim 17, wherein the first operation state is a state of accepting a result of the biometrics authentication at the time of the user's ending to use each of the contents.
 20. The biometrics authentication system according to claim 17, wherein the second operation state is a state of accepting a result of the biometrics authentication while the user uses each of the content.
 21. The biometrics authentication system according to claim 17, wherein the first operation state is a state of accepting a result of the biometrics authentication used for determining permission of resuming to providing the user with the content while the system temporally stops to provide the user with the content due to that the biometrics authentication is not allowed.
 22. The biometrics authentication system according to claim 17, wherein the first operation state is a state of accepting a result of the biometrics authentication which is performed for the first time after the user starts to use the system.
 23. The biometrics authentication system according to claim 17, wherein the higher a degree of secrecy of information included in the content is, the higher the processor is configured to set the criterion of biometrics authentication.
 24. The biometrics authentication system according to claim 17, wherein the processor is configured to execute the computer program to: perform the biometrics authentication based on a temporal change of a similarity degree between biometrics information of the user and comparison target information.
 25. A biometrics authentication method comprising: setting a criterion of biometrics authentication performed on a user so as to be different between a first operation state relating to a content of the system and a second operation state relating to the content of the system, the system providing the user with one or more contents; wherein the criterion in the first operation state is higher than the criterion in the second operation state.
 26. The biometrics authentication method according to claim 25, wherein the first operation state is a state of accepting a result of the biometrics authentication used for determining permission of the user's starting to use each of the content.
 27. The biometrics authentication method according to claim 25, wherein the first operation state is a state of accepting a result of the biometrics authentication at the time of the user's ending to use each of the contents.
 28. The biometrics authentication method according to claim 25, wherein the second operation state is a state of accepting a result of the biometrics authentication while the user uses each of the content.
 29. The biometrics authentication method according to claim 25, wherein the first operation state is a state of accepting a result of the biometrics authentication used for determining permission of resuming to providing the user with the content while the system temporally stops to provide the user with the content due to that the biometrics authentication is not allowed.
 30. The biometrics authentication method according to claim 25, wherein the first operation state is a state of accepting a result of the biometrics authentication which is performed for the first time after the user starts to use the system.
 31. A non-transitory computer-readable storage medium in which a program is stored, the program causing a computer to execute: setting a criterion of biometrics authentication performed on a user so as to be different between a first operation state relating to a content of the system and a second operation state relating to the content of the system, the system providing the user with one or more contents; wherein the criterion in the first operation state is higher than the criterion in the second operation state.
 32. The non-transitory computer-readable storage medium according to claim 31, wherein the first operation state is a state of accepting a result of the biometrics authentication used for determining permission of the user's starting to use each of the content.
 33. The non-transitory computer-readable storage medium according to claim 31, wherein the first operation state is a state of accepting a result of the biometrics authentication at the time of the user's ending to use each of the content.
 34. The non-transitory computer-readable storage medium according to claim 31, wherein the second operation state is a state of accepting a result of the biometrics authentication while the user uses each of the content.
 35. The non-transitory computer-readable storage medium according to claim 31, wherein the first operation state is a state of accepting a result of the biometrics authentication used for determining permission of resuming to providing the user with the content while the system temporally stops to provide the user with the content due to that the biometrics authentication is not allowed.
 36. The non-transitory computer-readable storage medium according to claim 31, wherein the first operation state is a state of accepting a result of the biometrics authentication which is performed for the first time after the user starts to use the system. 